A Holistic Approach to Data Security: Facing New Risks with Big Data and the Cloud

A Holistic Approach to Data Security: Facing New Risks with Big Data and the Cloud

Bryan FORD

Nationality

American

Year of selection

2015

Institution

Ecole Polytechnique Fédérale de Lausanne

Country

Switzerland

Risk

Socio-economic risks

Type of support

Chairs

Granted amount

1 500 000 €

Duration

15 years

The fruits of computer scientists’ labor are so fundamental to our personal and professional activities that we can scarcely imagine life them. At the same time, the heights attained by the field, including cloud computing and Big Data, now force us to look hard at the risks they bring and find new approaches to ensuring our data security. Most researchers focus on strengthening one security property, though this may mean neglecting another. Prof. Bryan Ford, however, believes the matter can only be treated holistically, simultaneously addressing the multiple demands users place on data protection systems. He is also sure we need to study this now. While we won’t turn back now from the capabilities of the most advanced computing methods, cyber attacks are growing more sophisticated and the potential for system failures more threatening. With his research program, Prof. Ford aims to identify the most pressing but underexplored risks and to propose new ways of tackling them. The three main properties of data security are availability (ensuring data is not lost or inaccessible), integrity (not corrupted or maliciously manipulated) and privacy (not disclosed or used improperly). The challenge is to ensure one without violating another. To verify the integrity of data, for example, it must be disclosed, thereby violating users’ privacy. Prof. Ford has already begun addressing this issue by building on small-scale, decentralized systems that are strong on privacy, with system-wide integrity and availability protections built in. The tradeoff had been the low number of users these systems could support, but his previous work on a project called Dissent proved that, using novel techniques, they could be scaled up for at least thousands of users—practical for real-world implementation. Going forward, he will improve on the framework he devised for use in communication systems, but also to build secure tools that preserve privacy for a variety of other important functions, like voting applications, digital archival storage, and the use of crypto-currencies, like bitcoin.While exciting progress in computer science makes all of the above possible, the growth of cloud computing also introduces new risks—and the well-known ones may be only the tip of the iceberg, Prof. Ford says. It’s not the problems tied directly to your cloud provider, like outages cutting off your access, that worry him, but the second-order risks. These include cloud services that may appear independent, but actually share resources behind the scenes, undermining the safety usually conferred by redundancy in a system. “This could create unexpected and potentially catastrophic failure correlations, reminiscent of financial industry crashes,” Prof. Ford explains. Also requiring urgent attention is the challenge that cloud computing adds to the preservation of digital artifacts. Technology changes rapidly and versions become out of date, putting long-term availability at risk. With cloud-based applications, users are never in possession of a complete, functional copy of the item to store in a repository—think search engines or mapping applications, versus word processing software installed directly on your computer. How, then, can digital archivists file away historically significant cloud artifacts for long-term cultural preservation?Prof. Ford’s research project will provide, first of all, a much deeper understanding of the questions like this that must be asked in a new era of cloud computing. In response to the risks exposed, he will also design new system architectures capable of facing the problems involved. He aims to develop methods of quantifying the risk of compromised privacy or failure in a system. Then, he’ll create protoypes capable of using this measurement to reconfigure cloud systems at risk. By getting started now, Prof. Ford hopes to understand the risks and devise solutions “before our socioeconomic fabric becomes inextricably dependent on a convenient but potentially unstable computing model,” he says.